sec_rgy_auth_plcy_get_info-Returns the authentication policy for an account
#include <dce/policy.h>
void sec_rgy_auth_plcy_get_info(
sec_rgy_handle_t context,
sec_rgy_login_name_t *account,
sec_rgy_plcy_auth_t *auth_policy,
error_status_t *status);
Input
- context
An opaque handle bound to a registry server. Use sec_rgy_site_open() to acquire a bound handle.
- account
A pointer to the account login name (type sec_rgy_login_name_t). A login name is composed of three character strings, containing the principal, group, and organization (PGO) names corresponding to the account.
Output
- auth_policy
A pointer to the sec_rgy_plcy_auth_t structure to receive the authentication policy. The authentication policy structure contains the maximum lifetime for an authentication ticket, and the maximum amount of time for which one can be renewed.
- status
A pointer to the completion status. On successful completion, the routine returns error_status_ok. Otherwise, it returns an error.
The sec_rgy_auth_plcy_get_info() routine returns the authentication policy for the specified account. If no account is specified, the registry's authentication policy is returned.Permissions Required
The sec_rgy_auth_plcy_get_info() routine requires the r (read) permission on the policy object or account principal from which the data is to be returned.
The actual policy in effect will not correspond precisely to what is returned by this call if the overriding registry authentication policy is more restrictive than the policy for the specified account. Use sec_rgy_auth_plcy_get_effective() to return the policy currently in effect for the given account.
- /usr/include/dce/policy.idl
The idl file from which dce/policy.h was derived.
- error_status_ok
The call was successful.
- sec_rgy_object_not_found
No account with the given login name could be found.
- sec_rgy_server_unavailable
The DCE Registry Server is unavailable.
Functions:sec_rgy_auth_plcy_get_effective() ,sec_rgy_auth_plcy_set_info() .
Contents | Next section | Index |